<< Identity Finder Analysis of Anonymous Breach of Toronto Police Department | Analysis: Southern California Automotive Service Chain Apparently Hacked >>

Identity Finder Analysis of Clarksville, Tennessee Hack and Breach

by Aaron Titus, Esq., Privacy Officer 12. June 2012 01:15

Breach Includes 3,977 Student SSNs; 4,942 Employee SSNs

For Immediate Release
Media Contact: Aaron Titus
(888) 244-3790

New York, NY – June 12, 2012 - Identity Finder, LLC (www.identityfinder.com) has analyzed the information exposed in the recent hack and breach announced by the Clarksville Montgomery County School System.

Identity Finder was on alert for the breach after a hacker tweeted a cryptic threat to release more than a hundred thousand "State Records/Citizen Records," on June 6, 2012.

Late June 9, 2012, the hacker posted a press release on pastebin.com with links to redacted images of Clarksville citizen personal information, but promised not to release any of the social security numbers to avoid risking "the safety of innocent children and hard-working Adults." The issue was referred to the school system, which initiated an investigation.

On Monday, June 11th, three hackers going by the name "SpexSec" claimed to release "14,525 Citizen Records" in two text files. These text files included names, social security numbers, email addresses, passwords, dates of birth, and other sensitive personal information. It is not known whether the hackers will release additional sensitive personal information from Clarksville, TN, but they have made additional threats to release new leaks. Identity Finder has analyzed the data released so far, and can confirm the following:

Identity Finder found 8,919 unique social security numbers. 4,942 appear to belong to employees, and 3,977 appear to belong to students.
Identity Finder found the full names and student IDs of 3,988 unique Clarksville, TN students.
Of those, 1,313 students had their genders and dates of birth exposed. Those 1,313 students were born between April 14, 1987 and September 18, 1993.
Identity Finder found the names and employee IDs of 4,943 Clarksville, TN district employees.
Identity Finder found 248 employee usernames and passwords, and one employee's mother's maiden name.
As of June 12, 2012, 9:00am Central time, the files containing the information have been taken offline. [Update:] As of approximately 3:30pm Eastern, June 13, 2012, a backup of the original file has been posted online by a hacker. It seems unlikely (but not impossible) that new data will be released at this point.

About

Identity Finder's data discovery and protection software provides companies the ability to prevent data leakage and find sensitive information. They have quickly grown to become a leader in identity protection and Data Loss Prevention (DLP) by helping millions of consumers, small businesses, and enterprises across the world. You may download the free version of Identity Finder DLP Software here: http://identityfinder.com/free

Tags:

Identity Finder Releases Detailed Analysis of Personal Information from Hacker Attack Claiming to Target FacebookHacker Group Claims 10,000 Facebook Accounts Hacked and Posted Online New York, NY – October 18, 20...Identity Finder Releases Analysis of Anonymous Hack of DOJ WebsiteBreach Causes More Embarrassment than Damage; Contains Little Personal Information For Immediate Re...Identity Finder Releases Detailed Analysis of Personal Information from Hacker Attack on Star Wars Fan Site New York, NY - August 30, 2011 - Identity Finder, LLC (www.identityfinder.com) today released a de...